Nitesh Dhanjani, Manager, Advanced Security Centers, Ernst & Young LLP
Justin Clarke, Manager, Rudolph W. Giuliani Advanced Security Centers, Ernst & Young LLP
Date: Friday, July 30
Time: 10:45am - 11:30am
Location: Salon B
It is vital to perform routine Attack & Penetration audits against your network posture to recognize and remediate vulnerabilities. In order to protect yourself from malicious attackers, you must first begin to think like them, and therefore audit your network before they do it for you. This talk will discuss the common Attack & Penetration methodology:
- Network Foot-printing (Search engines, Domain registrars, RIRs, DNS, Traceroute)
- Scanning (Port scanning, OS fingerprinting)
- Enumeration (Application fingerprinting, Mis-configurations, Active & passive brute-forcing)
- Exploiting Local and Remote Vulnerabilities (Mis-configurations & remote vulnerabilities [Buffer Overflows, Input validation, etc])
Open source tools such as Airsnort, Amap, Dsniff, Ettercap, Hydra, Kismet, Nessus, Netcat, Nikto, Nmap, and many others can be used to find vulnerabilities and their usage will be discussed. In addition, these open source tools allow users to tweak and add functionality to scan and detect new attack techniques and vulnerabilities, and this topic will be discussed as well.
Adds Dhanjani, "As a consultant for Ernst & Young's Advanced Security Center, I perform Attack & Penetration reviews for our clients. Personally, I am most fond of open source security tools when it comes to performing audits, and use them on a daily basis. My talk will discuss the most commonly used open source security tools from an Attack & Penetration perspective, and how they can compare and do better than the closed source implementations of the same tools that sell for hundreds of thousands of dollars. Attendees will come away with an understanding of what open source security tools are most useful, and how to extend and tweak them to suit their needs.
"I will also be discussing how these tools can be used by 'hackers' to break into unauthorized networks. Perhaps this approach may be controversial to some, but many firms today realize that security cannot be gained from a defense approach only. It is vital to audit your own networks with the mindset equal to that of the malicious 'hackers' to get a full picture of one's security posture."
Download presentation file